
RV340w RV325 DHCP not denied

Koyotee
Level 1

Hi,

I'm not any kind of net guru. Anyhow, I'm trying to set up a network between two separate subnets with an RV325 on one side and an RV340w on the other. The routers are now directly connected via the LAN3 port on both sides.

On each side there are separate non-overlapping subnets (192.168.1.0/24 and 192.168.6.0/24), Windows domains and DHCP servers. The goal was to make those two subnets visible to each other via the routers without interrupting the proper functioning of the separate domains.

My assumption was that the routers would cut off (DHCP) broadcast by default and that the DHCP servers would continue to issue IP leases only for PCs in their respective subnets. However, DHCP broadcast passes through the inter-router connection and PCs from both sides can see both DHCP servers. Leased IP addresses are now mixed, which I want to avoid at any cost.

Current setup:

1. rv325

- VLAN1, ip 192.168.1.1/24, inter VLAN routing enabled, Untagged to all LAN ports

- VLAN999, ip 10.0.0.1/24, inter VLAN routing enabled, Tagged to LAN3, Excluded from other LAN ports

- static route destination 192.168.6.0/24, GW 10.0.0.6, Metric 1, Interface LAN

- fw rule Allow, All Traffic, Source interface Any, Source 192.168.6.0-192.168.6.254, Destination Any, Always

- fw rule Deny, DHCP (UDP 67/68), Source interface LAN, Source Any, Destination Any, Always

2. rv340w

- VLAN1, ip 192.168.6.1/24, inter VLAN routing enabled, Untagged to all LAN ports

- VLAN999, ip 10.0.0.6/24, inter VLAN routing enabled, Tagged to LAN3, Excluded from other LAN ports

- static route destination 192.168.1.0/24, GW 10.0.0.1, Metric 1, Interface LAN

- fw rule Allow, All Traffic, Source interface Any, Source 192.168.1.0-192.168.1.254, Destination interface Any, Destination Any, Anytime

- fw rule Denied, DHCP, Source interface VLAN999, Source Any, Destination interface VLAN999, Destination Any, Anytime

 

Additionally, the fw rules listed above to deny DHCP (UDP 67/68) did not help.

When I disable the LAN3 port, DHCP broadcast is cut off between scopes like it should be, but then other traffic between the subnets is cut off as well.

So, questions:

1. Is (DHCP) broadcast denied by default in the described scenario? And if yes, where did I make a mistake?

2. If broadcast is not denied by default, how can I disable broadcast between the routers and maintain all other types of traffic between the subnets?

 

Thanks in advance for support!

Regards,

Koja

 


Jo Kern
Cisco Employee

Try to exclude VLAN1 from port LAN3.

Jo

Jo, thanks for the response.

Unfortunately it didn't help.

I redesigned the overall setup. The interconnection between the two subnets is now switched to a separate L3VPN and internet provider MPLS. Furthermore, there are additional subnets in the L3VPN besides the two listed.

Now I've stumbled into a completely new problem. (I can open a new topic since the problem is different now.)

The RV340w is blocking all application layer traffic: CIFS/SMB, HTTP, etc.

Ping works between all subnets. The problem is agnostic to the firewall setup on the RV340w. No matter how I configure the fw, allow all or even when it's completely switched off, the problem remains.

On the RV325 there is no such problem. The subnet behind the RV325 can access all other networks w/o problem (ping and app layer).

Any idea how to overcome this issue?

Thanks...

 
